package session;

import database.Database;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import model.Model;
import user.User;
import view.View;

/**
 * Session class implements the session object used by all users signed into
 * their Lithub dashboard. Sessions are requried for all authenticated user
 * areas and act as the main method of moving user provided information to the
 * backend for processing of user-related actions, such as loggin in and
 * registration.
 *
 * @author Reynaldo Gonzales.
 * @version 1.0
 *
 */
public class Session {

    private HttpSession session;
    private HttpServletRequest request;

    /**
     * Session() is the reciever of a session creation request, related to user
     * authentication actions.
     *
     * @param HttpServletRequest request which holds the session information
     * of the requesting user.
     *
     */
    public Session(HttpServletRequest req) {
        session = req.getSession(false);
        request = req;
    }

    /**
     * isAuthorized() is an authentication check for a user's navigation from
     * one view to another; each view has an implentation model which also needs
     * to be refferenced alongside a valid user action.
     *
     *
     * @param referrenced model which needs to be valid.
     * @param requested view which needs to be valid.
     * @param user actions which needs to be stated.
     *
     * @return FALSE if the user doesn't have a valid session. TRUE if the user
     * does have a valid session.
     *
     */
    public Boolean isAuthorized(Model model, View view, String action) {
        if (session == null) {
            return false;
        }
        return true;
    }

    /**
     * startSession() creates a new session for a user who does not already have
     * one set.
     *
     * @param a user object which is requesting to have a new session.
     */
    public void startSession(User u) {
        session = request.getSession(true); // Start a session if it doesn't already exist
        if (session.getAttribute("user") == null) {
            // Store the user object in that session
            session.setAttribute("user", u);
        }
    }

    /**
     * getUserObjectFromSession() returns a user object based on the session
     * they are using and the requests being made - this is used to acquire user
     * attributes and information about user requests based on their session if
     * no other information is directly provided.
     *
     * @return user object which hold user reqeust information.
     */
    public User getUserObjectFromSession() {
        User u = null;

        if (request.getParameter("mobile") == null) {
            session = request.getSession(true); // Start a session if it doesn't already exist
            u = (User) session.getAttribute("user");
        } else {
            Database d = Database.getDatabase();
            String username = request.getParameter("username");
            String password = request.getParameter("password");
            try {
                u = d.getUserByUsernameAndPassword(username, password);
            } catch (Exception ex) {
                Logger.getLogger(Session.class.getName()).log(Level.SEVERE, null, ex);
            }
        }
        return u;
    }
}
